<?php
$sanitize_all_escapes = true;
$fake_register_globals = false;
if (!isset($_REQUEST['medico'])) 
    session_start();

$landingpage = "index.php?site=" . $_SESSION['site_id'];
if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite'])) {
    $pid = $_SESSION['pid'];
} else {
    if (!isset($_REQUEST['medico'])) {
        session_destroy();
        header('Location: ' . $landingpage . '&w');
        exit;
    } 
}
$ignoreAuth = true;
include_once('../interface/globals.php');
if (isset($_REQUEST['medico']))
    $pid = $_REQUEST['set_pid'];
$medico = "";
$medicoIni = "";
if (isset($_REQUEST['medico'])) {
    $medico = "&medico=1&set_pid=".$pid;
    $medicoIni = "?medico=1&set_pid=".$pid;
}

?>
<script type="text/javascript" src="<?php echo $web_root; ?>/library/dialog.js"></script>
<script type="text/javascript" src="<?php echo $web_root; ?>/library/js/jquery-1.10.0.min.js"></script>
<script type="text/javascript" src="<?php echo $web_root; ?>/library/js/jquery-migrate-1.2.1.min.js"></script>
<script type="text/javascript" src="<?php echo $web_root; ?>/library/js/jquery.tools.min.js"></script>
<script type="text/javascript" src="<?php echo $web_root; ?>/library/js/common.js"></script>
<script type="text/javascript" src="<?php echo $web_root; ?>/patients/js/ajtooltip.js"></script>
<!-- end -->

<link rel="stylesheet" href="css/base.css" type="text/css"/>
<link rel="stylesheet" href="css/nightingale.css" type="text/css"/>
<?php
$special_timeout = 10000;
if (substr($_GET["formname"], 0, 3) === 'LBF') {
  // Use the List Based Forms engine for all LBFxxxxx forms.
  include_once("$incdir/forms/LBF/new.php");
}
else {
  // ensure the path variable has no illegal characters
  check_file_dir_name($_GET["formname"]);

  include_once("$incdir/forms/" . $_GET["formname"] . "/add_new.php");
}
?>
